You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Kiran Banoor <kb...@earthweb.com> on 2000/07/31 21:14:10 UTC

help on password decryption...

hi,
I want to know that is there anyway i can decrpt the passwords stored
in htpasswd file in apache.
I greatly appreciate any help on this..

Thanks
kiran

-----Original Message-----
From: Ken Williams [mailto:ken@forum.swarthmore.edu]
Sent: Thursday, July 20, 2000 2:48 PM
To: Mark D Wolinski
Cc: modperl@apache.org
Subject: Re: Persistant DB Connections

mark@mrmark.com (Mark D Wolinski) wrote:
>Okay, first, I have not read the manual completely...
>
>So, what I'm looking for is where can I find information on the following,
>if possible (I have both the Eagle and can look up the Guide as well)...
>
>I have an app that can't be run under mod_perl right now because it's
>awfully dirty.  However, in working to transition it to a new version which
>uses mySQL, I'm going to fix parts of it to run under mySQL.  Basically get
>the data transfered to the database while the new version is being written.
>
>Is it possible for a very dirty app, and ugly code to benefit from a
>persistant DB connection but not run under mod_perl directly?

Kind of.  Yes, you can usually get dirty apps to run under mod_perl by
using Apache::PerlRun.  Sometimes they're even too dirty for that,
though.  Try it out.

But one question here is whether persistent mysql connections will speed
things up for you.  In my experience: no.  Connecting under mysql is so
fast that there's no need to cache connections.  Oracle, on the other
hand, profits *greatly* from connection caching.

Of course, if you really care about this you ought to test your specific
situations before you decide.

  -------------------                            -------------------
  Ken Williams                             Last Bastion of Euclidity
  ken@forum.swarthmore.edu                            The Math Forum

Re: help on password decryption...

Posted by Ken Williams <ke...@forum.swarthmore.edu>.

kbanoor@earthweb.com (Kiran Banoor) wrote:
>hi,
>I want to know that is there anyway i can decrpt the passwords stored
>in htpasswd file in apache.
>I greatly appreciate any help on this..

Nope, you can't do it.  Those are one-way hashes of the passwords, not
encrypted versions of them.  They don't necessarily contain all the
information necessary to recover the passwords.  The best you can do is
guess all possible passwords and see whether something matches (though
this can be done in smarter ways than pure brute-force).  

Note: this question is definitely not a mod_perl question, and probably
not an Apache question either.

See the documentation for crypt() (present in Perl or Unix).